Field Grouping & Aggregation

This support forum board is for support questions relating to Nagios Log Server, our solution for managing and monitoring critical log data.
Locked
deewon
Posts: 2
Joined: Wed Jan 26, 2022 2:05 am

Field Grouping & Aggregation

Post by deewon »

Hello,

We are currently undergoing a trial of the product

1) I presume we can create custom index patterns of our own and they will be maintained by the internal lifecycle mgt, as long as they are time-series based, just like the default logstash index pattern e.g.

Code: Select all

[myindexname]-YYYY.MM.DD
?

2) Does the Nagioslogserver implementation of the dashboard allow building visualizations on sub-groups based on specific fields? A typical use case we have is to capture all API logs showing the service called, the client who made the call and the duration. e.g assume we ingest the following fields into our index that captures all API calls. The

Code: Select all

[duration]
field is computed by a ruby filter in logstash

Code: Select all

[service]   [client]  [call_start]  [call_end]  [duration]
Could we build dashboards that not only allow simple groupings but also subgrouping by entries in the fields e.g. an average response time per client? Or will this require ingesting specific indexes to allow those operations?

Thanks

Regards,
Dayo
ssax
Dreams In Code
Posts: 7682
Joined: Wed Feb 11, 2015 12:54 pm

Re: Field Grouping & Aggregation

Post by ssax »

1. I'm pretty sure that the indices need to be named in the logstash-XXXX.XX.XX format which is the default. I've reached out to QA/development to get clarification and will let you know what they say.

2. I'm investigating this.

You can setup complex filters that would do calculations and add/modify/remove fields which would make those fields visible (what you're currently doing):

https://assets.nagios.com/downloads/nag ... ilters.pdf

There are some additional details here that indicate there is some level of it but I'm not sure how far it allows you to go without custom development:

https://support.nagios.com/kb/article/c ... d-899.html
https://assets.nagios.com/downloads/nag ... Server.pdf
https://support.nagios.com/kb/article/l ... w-898.html
deewon
Posts: 2
Joined: Wed Jan 26, 2022 2:05 am

Re: Field Grouping & Aggregation

Post by deewon »

Thanks for this

The manuals were helpful. It was all down to defining the right queries, prior to building any visualizations so that they can be used for the dashboards

Regards,
Dayo
ssax
Dreams In Code
Posts: 7682
Joined: Wed Feb 11, 2015 12:54 pm

Re: Field Grouping & Aggregation

Post by ssax »

I'm glad they helped! Let us know if you have any related questions or when we're okay to lock this up and mark it as resolved.

Thank you!
Locked